In our latest workshop hosted by NAACCR, we received valuable feedback from our participants and suggestions on how to improve Vesta for our users. Participants requested that our team explicitly describe Vesta’s data security policy.
We’re committed to keeping your data safe. In this blog, we’ll walk through how Vesta handles user data, licensing, and third-party integrations—so you can feel confident in how your information is protected.
License Data Retention
When BioMedware generates a Vesta user license, the user’s email address or company name is embedded into the corresponding license key metadata.
At Vesta startup, the license key is validated for:
- The expected format/structure
- Is cryptographically signed with a BioMedware signature and stored on our third-party license generator (Keygen)
- Can be unencrypted/decoded
Vesta performs license validation for single-user license holders every 7-days with Keygen; this validation requires an internet connection. A 3-day grace period is in place to allow users without immediate internet access. Additionally, a machine fingerprint is used in the validation process.
A maximum of three machines is permitted per each single-user license. A single-user license holder must contact BioMedware support to deactivate one or more of their machines in order to activate another computer if all three machine slots have been previously used.
Holders of multi-user or enterprise-wide licenses are not subject to periodic license validation. Machine fingerprint is captured for multi-user or enterprise-wide license sessions but is not used in license validation.
Data Retention in Software
Vesta does not send, store or remotely save any data users import into the software. Any data that is imported into Vesta is only available to the user and is not stored or retained outside of the user’s session in Vesta.
Data saved to Vesta projects or exported via reports and visualizations are only available to the user and are subject to the user’s machine security measures.
Third-Party Software Library
Vesta utilizes third-party software libraries for map and chart generation. When creating Map visualizations in Vesta, map tiles are provided from MapTiler to use in ThinkGeo to create a background base map. Base maps are only received and displayed in the Map visualization; Vesta does not send data or user feedback to ThinkGeo.
Users should be aware that geographic locations are used to create Maps, so users may choose to use ID proxies if working with sensitive data. Additionally, the map querying function will display metadata for each geographic object when hovering over it. The metadata is local to Vesta and is not shared with ThinkGeo or MapTiler.
Vesta uses SciChart libraries for charting visualizations. This data is contained within Vesta on users’ machines, and there is no communication with servers for SciChart libraries from Vesta.
Have more questions about data security in Vesta? We’re here to help. Get in touch with our team anytime by filling out this form or emailing us at sales@biomedware.com.